No announcement yet.

Double VPN tunnel / RRAS

  • Filter
  • Time
  • Show
Clear All
new posts

  • Double VPN tunnel / RRAS

    I need help setting up a 'double' VPN tunnel! Here's our network setup :

    Windows 2008 server 1 , external IP 81.x.5.1
    This server is used as a VPN access node (default Routing and Remote Access on Win 2008 Server). Over 160 workstations connect via VPN PPTP. They all use p2p software, lots of inbound and outbound connections. Each workstation is given an internal IP, there is only one external IP, server does all the routing via NAT.

    Server runs on a brand new CPU , 3930k. At peak times, CPU load is at 40%.

    Windows 2008 server 2 , external IPs 89.x.100.1/28
    VPN access node running an older i7 920 CPU. It can not handle NAT for 160 connections - CPU goes to 100% and after some time the box freezes.

    * We need to use internet connection of server 2 for ALL internet traffic *

    What i would like to do is link server 1 and server 2 via VPN pptp so server 1 keeps doing all the NAT for 160 workstations BUT use server 2 internet connection ( external IP 89.x.100.2) for all 160 workstations. Load on server 2 should not be high as all NAT routing, which is CPU intensive, is done on server 1.

    What i have tried so far :
    I have tried connecting Server 1 to Server 2 via VPN PPTP and giving server 1 a dedicated IP 89.x.100.2 Everything seems to work and server 1 behaves as if its main IP is 89.x.100.2 BUT for some reason no client can connect to this new IP via vpn pptp as if the port is in use ?! Once i disconnect server 1 and server2 vpn connection, clients can again connect to old server 1 ip, 81.x.5.1.

    Any ideas ?!